Source of Public Summary in the webserver's display

duo-labs / cloudmapper

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

BSD 3-Clause "New" or "Revised" License

6k stars 810 forks source link

Source of Public Summary in the webserver's display #632

Closed wjohnston-sfdc closed 4 years ago

wjohnston-sfdc commented 4 years ago

Great product! I really enjoy using this to map out our IaaS footprint. My question is around the source IP listed as 0.0.0.0/0 and defined as Public coming from the Cloud. Please see the image i have attached.

Why is cloudmapper defining some external connections coming from specific /32 or /16 addresses and some coming from 0.0.0.0/0?

Public CloudMappter

0xdabbad00 commented 4 years ago

CloudMapper looks at your Security Groups to determine what is allowed access to your resources. In cases where an unknown CIDR is used, such as a /32 or /16, CloudMapper will create a node for that CIDR. 0.0.0.0/0 is a special case that CloudMapper renames as "Public".

wjohnston-sfdc commented 4 years ago

Thank you very much for the clarification. Closing the issue